form1.frm

WEB服务器漏洞扫描器

'Inet1.URL = ""
'Inet1.OpenURL t2(1) & "/server-info", 1
'h = Inet1.GetHeader
'h2 = Split(h, vbCrLf)

'txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

'check showcode.asp

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/msadc/Samples/SELECTOR/showcode.asp?source=/msadc/Samples/../../../../../boot.ini", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check .htw (webhits.dll)

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/scripts/samples/search/qfullhit.htw", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check htimage.exe

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/cgi-bin/htimage.exe?2,2", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check doctodep.btr

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/_vti_pvt/doctodep.btr", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check msadcs.dll

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/msadc/msadcs.dll", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check bdir.htr

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/scripts/iisadmin/bdir.htr", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check newDsn.exe

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/scripts/tools/newdsn.exe", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check advSearch.asp

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/iissamples/exair/search/advsearch.asp", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check aexp2.htr

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/iisadmpwd/aexp2.htr", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check CodeBrowse.asp

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/iissamples/exair/howitworks/codebrws.asp", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check mkiLog

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/scripts/tools/mkilog.exe", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check /.htaccess

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "//.htaccess", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check service.pwd

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/_vti_pvt/service.pwd", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check fpcount.exe

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check ism.dll

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/scripts/iisadmin/ism.dll?http/dir", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check .idq

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/anything.idq", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check .ida

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/anything.ida", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check shtml.exe

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/_vti_bin/shtml.exe/non-existent-file.asp", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check newDSN.exe

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/Scripts/Tools/Newdsn.exe?Createdatabase", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf


' check +.htr

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/global.asa+.htr", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check bogus string exploit

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/default.asp?variable=%Request('variable') = <bogus_string>", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check Robots.txt

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/robots.txt", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check cfcache.map

'h = ""
'h2 = ""
'Inet1.URL = ""
'Inet1.OpenURL t2(1) & "/cfcache.map", 1
'h = Inet1.GetHeader
'h2 = Split(h, vbCrLf)

'txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check query.asp

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/iissamples/iissamples/query.asp", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check repost.asp

h = ""
h2 = ""
Inet1.URL = ""
Inet1.OpenURL t2(1) & "/scripts/repost.asp", 1
h = Inet1.GetHeader
h2 = Split(h, vbCrLf)

txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf

' check search?

'h = ""
'h2 = ""
'Inet1.URL = ""
'Inet1.OpenURL t2(1) & "/search?", 1
'h = Inet1.GetHeader
'h2 = Split(h, vbCrLf)

'txtServerInfo.Text = txtServerInfo.Text + h2(0) & ":  " & Inet1.URL & vbCrLf & vbCrLf



'done
txtServerInfo.Text = txtServerInfo.Text + vbCrLf & vbCrLf & "Scan Complete. ETA: (" & lblTimer.Caption & ") seconds"
Timer1.Enabled = False
lblTimer.Caption = "0"

Else

txtServerInfo.Text = "Unreconized command! [" & txtcmd.Text & "]"

End If
Exit Sub
Err:
txtServerInfo.Text = txtServerInfo.Text + "An error occured while trying to process your request." & vbCrLf & "Please check your command and try again."
Exit Sub

ElseIf KeyAscii = "000" Then '000 = spacebar - if they hit the spacebar during a scan then that will initiate the following code which cancel's the scan.
txtServerInfo.Text = "Please Wait..."
Inet1.Cancel
Inet1.URL = ""
Else
' Do Nothing
End If
End Sub